Congress Debating If Putting A Fake Name On Facebook Should Be A Felony
from the how-to-turn-the-whole-world-into-felons dept
At the root of many of the arguably overreaching applications of the CFAA is the prohibition on conduct which "exceeds authorized access" to a computer system. According to Kerr:
Breaching an agreement or ignoring your boss might be bad. But should it be a federal crime just because it involves a computer? If interpreted this way, the law gives computer owners the power to criminalize any computer use they don't like.
Would you believe that some politicians are even thinking of making the bill even worse?
Professor Kerr's primary concern expressed in the op-ed was that the CFAA was going to be amended to make any violation of the CFAA a felony. Hopefully, this won't pan out. The original Administration proposal (pdf) did increase the baseline punishment for any violation of the CFAA (including exceeding authorized access) from a misdemeanor level offense (less than one year) to a felony. But, thankfully, the Judiciary Committee didn't take the Administration's suggestion. Lets hope it stays that way as this bill makes its epic journey through the Washington legislative sausage maker.
There is yet a glimmer of rational-thought hope. Senators Grassley and Franken have introduced an amendment (pdf) which would modify the definition of "exceeds authorized access" to exclude violations of a TOS, if that's the only basis for the charge of violating the CFAA, effectively improving the CFAA instead of making it worse. Fingers crossed that the amendment makes it in.